<?php
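class DocumentsController extends AppController {

	var $name = 'Documents';

	/**
	 * Runs before every action. Spectators are read-only, so the three
	 * mutating actions are refused up front for that role.
	 *
	 * The original pattern '/\b(add)|(edit)|(delete)\b/' bound the word
	 * boundaries to the outer alternatives only (so e.g. "edit" matched
	 * anywhere); an exact-match whitelist is what was intended and cannot be
	 * satisfied by a substring.
	 */
	function beforeFilter() {
		parent::beforeFilter();

		$action = isset($this->params['action']) ? $this->params['action'] : '';
		$write_actions = array('add', 'edit', 'delete');

		if (in_array($action, $write_actions, true) && $this->Auth->user('role') === 'spectator') {
			$this->redirect('/');
		}
	}

	/**
	 * Lists the documents of the currently selected project, ordered by
	 * get_order_for_documents() (defined on the parent controller).
	 */
	function index() {
		$this->layout = 'tasks';

		$documents = $this->Document->find('all', array(
			'conditions' => array(
				'Document.project_id' => $this->current_project['Project']['id'],
			),
			'order' => array($this->get_order_for_documents()),
		));

		$this->set('documents', $documents);
	}

	/**
	 * Shows one document.
	 *
	 * Access is checked against the document's *own* project id (not the
	 * currently selected project), so an id belonging to another project is
	 * refused even when some project is selected.
	 *
	 * @param mixed $id document primary key; null or unknown ids redirect to '/'
	 */
	function view($id = null) {
		$document = $this->Document->read(null, $id);

		if (empty($document)
			|| empty($this->current_project)
			|| !$this->check_permissions_for_project($this->Auth->user(), $document['Project']['id'])) {
			$this->redirect('/');
		}

		$this->set('document', $document);
	}

	/**
	 * Creates a document in the current project.
	 *
	 * Handles the 'Save' and 'Preview' submit buttons; anything else (or an
	 * empty post) just renders the form. creator_id and project_id always
	 * come from the session / selected project, never from the posted data.
	 */
	function add() {
		if (empty($this->current_project)
			|| !$this->check_permissions_for_project($this->Auth->user(), $this->current_project['Project']['id'])) {
			$this->redirect('/');
		}
		if (empty($this->data)) {
			return;
		}

		$submit = isset($this->data['submit']) ? $this->data['submit'] : null;
		if ($submit !== 'Save' && $submit !== 'Preview') {
			return;
		}

		// Both buttons show or store the cleaned values, so clean once.
		$this->data['Document'] = $this->_sanitize_document(
			isset($this->data['Document']) ? $this->data['Document'] : array()
		);

		if ($submit === 'Save') {
			$this->data['Document']['creator_id'] = $this->Auth->user('id');
			$this->data['Document']['project_id'] = $this->current_project['Project']['id'];

			$this->Document->create();
			// fieldList mirrors the whitelist edit() already uses: only these
			// columns are written, so posted extras such as 'blocked' (or a
			// 'Document.id' meant to turn the insert into an update of another
			// row) are not honoured by save().
			$saved = $this->Document->save($this->data, array(
				'fieldList' => array('name', 'text', 'creator_id', 'project_id'),
			));
			if ($saved) {
				$this->redirect(array('action' => 'index'));
			}
		} else {
			$this->set('preview', true);
		}
	}

	/**
	 * Edits a document under a per-user edit lock.
	 *
	 * GET (no posted data): loads the document, refuses it if the caller may
	 * not access its project, sends the caller back to the list if another
	 * user holds the lock, otherwise records the caller's id in 'blocked'
	 * and pre-fills the form.
	 *
	 * POST 'Save': requires that the caller holds the lock and still has
	 * access to the document's project (same rule delete() applies), cleans
	 * the input, releases the lock and writes only the whitelisted columns.
	 * POST 'Preview': cleans the input and renders it without saving.
	 *
	 * @param mixed $id document primary key for the GET case
	 */
	function edit($id = null) {
		if (!$id && empty($this->data)) {
			$this->redirect('/');
		}

		if (empty($this->data)) {
			$document = $this->Document->find('first', array(
				'conditions' => array('Document.id' => $id),
			));

			if (empty($document)
				|| !$this->check_permissions_for_project($this->Auth->user(), $document['Project']['id'])) {
				$this->redirect('/');
			}

			$user_id = $this->Auth->user('id');
			// Loose comparison on purpose: 'blocked' comes back from the
			// database as a string while the session id may be an int.
			if ($document['Document']['blocked'] != 0 && $document['Document']['blocked'] != $user_id) {
				$this->redirect('/documents');
			}

			$document['Document']['blocked'] = $user_id;
			$this->Document->save(array('Document' => array(
				'id' => $document['Document']['id'],
				'blocked' => $user_id,
			)));
			$this->data = $document;
			return;
		}

		$submit = isset($this->data['submit']) ? $this->data['submit'] : null;

		if ($submit === 'Save') {
			$document_id = isset($this->data['Document']['id']) ? $this->data['Document']['id'] : null;
			$document = $this->Document->find('first', array(
				'conditions' => array('Document.id' => $document_id),
			));

			// Unknown id, lock held by someone else, or no access to the
			// document's project: refuse before touching anything.
			if (empty($document)
				|| $document['Document']['blocked'] != $this->Auth->user('id')
				|| !$this->check_permissions_for_project($this->Auth->user(), $document['Project']['id'])) {
				$this->redirect('/');
			}

			$this->data['Document'] = $this->_sanitize_document($this->data['Document']);
			// Saving releases the lock.
			$this->data['Document']['blocked'] = 0;

			$saved = $this->Document->save($this->data, array(
				'fieldList' => array('id', 'name', 'text', 'blocked'),
			));
			if ($saved) {
				$this->redirect(array('action' => 'view', $this->data['Document']['id']));
			}
		} elseif ($submit === 'Preview') {
			$this->data['Document'] = $this->_sanitize_document(
				isset($this->data['Document']) ? $this->data['Document'] : array()
			);
			$this->set('preview', true);
		}
	}

	/**
	 * Deletes a document and returns to the list.
	 *
	 * Refused when the id is missing or unknown, when another user holds the
	 * edit lock, or when the caller may not access the document's project.
	 * The empty() check keeps an unknown id from reaching the permission
	 * helper with a null project id.
	 *
	 * NOTE(review): this action is reachable by a plain GET; a state-changing
	 * action should ideally be restricted to POST — confirm how the views
	 * link to it before tightening.
	 *
	 * @param mixed $id document primary key
	 */
	function delete($id = null) {
		if (!$id) {
			$this->redirect('/');
		}

		$document = $this->Document->read(null, $id);

		if (empty($document)
			|| ($document['Document']['blocked'] && $document['Document']['blocked'] != $this->Auth->user('id'))
			|| !$this->check_permissions_for_project($this->Auth->user(), $document['Project']['id'])) {
			$this->redirect('/');
		}

		$this->Document->delete($id);
		// redirect() exits by default, so nothing below it is reached.
		$this->redirect(array('action' => 'index'));
	}

	/**
	 * Cleans the user-supplied 'name' and 'text' of a Document array.
	 *
	 * 'name' loses every tag; 'text' loses name=value attribute pairs and
	 * script/style blocks. The 's' modifier on the block pattern lets '.'
	 * cross line breaks — without it a block spanning more than one line
	 * was left in place.
	 *
	 * This is a blacklist filter: it removes what it recognises and passes
	 * everything else through, so it must not be the only defence — the view
	 * still has to escape (or whitelist) the stored markup on output.
	 *
	 * The leading underscore keeps the method out of the set of dispatchable
	 * controller actions.
	 *
	 * @param array $document the 'Document' sub-array of the posted data
	 * @return array the same array with 'name' and 'text' cleaned
	 */
	function _sanitize_document($document) {
		$document = (array) $document;

		if (isset($document['name'])) {
			$document['name'] = preg_replace('/<.*?>/i', '', $document['name']);
		}

		if (isset($document['text'])) {
			$text = $document['text'];
			$text = preg_replace('/ ?[\w:\-]+ ?= ?("[^"]+"|\'[^\']+\'|\w+)/i', '', $text);
			$text = preg_replace('/(<script.*?script>)|(<style.*?style>)/is', '', $text);
			$document['text'] = $text;
		}

		return $document;
	}
}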
